<?php
function url_protect() {
	// Ensure only valid characters are used in a URL
	if ($_SERVER['REQUEST_URI'] && !ereg('^[a-zA-Z0-9\+-_=\*/?&/\\]+$', $_SERVER['REQUEST_URI'])) admin_report('Invalid URI');

	// Stop malicious bots/people trying to envoke an offsite script
	if ($_SERVER['QUERY_STRING'] && strstr($_SERVER['QUERY_STRING'], 'http')) admin_report('Invalid Query String');

	// Protect against SQL injection attacks
	if (!get_magic_quotes_gpc()) $_SERVER['REQUEST_URI'] = addslashes($_SERVER['REQUEST_URI']);

	// Filter URL for a bit of security against XSS attacks
	$_SERVER['REQUEST_URI'] = htmlentities($_SERVER['REQUEST_URI']);
}
?>